NEAS[.]3b393246ea142938c8c11826f1e2eb00[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3b393246ea142938c8c11826f1e2eb00.exe
Size

66KB
MD5

3b393246ea142938c8c11826f1e2eb00
SHA1

130a093db6adf8f04504175aa6ff8dbaab6218dd
SHA256

d97acf9b6214a8edf96f16e0337c8da318626b465610aa7674ba3f257a13ae5e
SHA512

df19e44f3aa079d3eb90bf29e8281e74df0b350922fe32128abd1b52a8ef99efffcf1aa7b286da489299ea90afbe9ddfa252b12bf3e38a504573e83869093809
SSDEEP

1536:k/y1p/RCKKzgzB4JrfE6XWSH8DbI7HoRZ/O:lp/bKzgGrzZcDbI7Hon/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3b393246ea142938c8c11826f1e2eb00.exe

Files

NEAS.3b393246ea142938c8c11826f1e2eb00.exe
.exe windows:4 windows x86

a554367bf51896ab1beda46965d307d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
VerLanguageNameW
CheckElevation
GetThreadUILanguage
SystemTimeToTzSpecificLocalTimeEx
RegLoadMUIStringW
SetSystemFileCacheSize
GetProfileSectionW
SetThreadpoolStackInformation
SetThreadPriorityBoost

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE